CVE-2022-2601 A buffer overflow was found in grub_font_construct_glyph()
A malicious signed pf2 font can be hosted on the system, and when grub loads the pf2 font during the grub-install or grub-floppy open, then
CVE-2022-22488 IBM OpenBMC OP910 and OP940 could be vulnerable to denial of service if a user uploads or deletes many CA certificates.
On IBM servers running OpenSSL, an insufficiently specified timestamp option in a DTLS handshake could cause a crash of the server. This could be exploited
CVE-2022-45206 Jeecg-boot v3.4.3 had a SQL injection vulnerability.
This can be exploited to get database information or perform other attacks. Jeecg-boot v3.4.3 is installed on the following products. - Hewlett Packard
CVE-2022-3980 Sophos Mobile on-premises V5.0.0 - 9.7.4 has XXE SSRF and potential code execution vulnerabilities.
This vulnerability is an XML External Entity (XXE) issue. In order to exploit this issue, an attacker must be able to perform client-side request forgery (CSRF)
CVE-2022-45389 A missing permission check in Jenkins XP-Dev Plugin 1.0 and earlier allows unauthenticated attackers to trigger builds of jobs for an attacker-specified repository.
The issue is caused by a missing permission check in Jenkins XP-Dev Plugin 1.0 and earlier. When installing this plugin, an attacker could specify